Network Management / (OpenView-NNM) Practitioners Forum

managing router thru firewall

Mark Kacanda
Acclaimed Contributor

managing router thru firewall

Does anyone know how to manage a router
that is protected by a firewall via a CS?
SNMP polling works properly but the device
remains critical because ICMP ping sweeps
fail because of the firewall.

Is there a way to disable ping-sweeps for
the router object?
Berlene Herren
Honored Contributor

Re: managing router thru firewall

For 11.0, you can use an ndd parameter.

11.0 introduces a new concept called Dead Gateway detection where an ICMP Echo
Request(ping packet) is sent to all of the default gateways. If the gatewaydoes
not respond, then this gateway is moved to a dead gateway listand is not used
until ICMP Echo Requests start getting Replies.

In these situations, disabling the Dead Gateway Detection algorithm is needed.An
HP-UX 11.0 Transport patch will be released shortly to allow you to disable this
feature via ndd.

The ndd tunable will be ip_ire_gw_probe.
To disable Dead Gateway Detection:
ndd -set /dev/ip ip_ire_gw_probe 0

[PHNE_20735} is the right patch.
Did you set the ' ndd -set /dev/ip ip_ire_gw_probe 0 ' command ?
Note: parameter is not permanent ! you need to add it to the startup scripts of
your system.

You can also check out the document, Managing Your Networks Through a Firewall
//Add this to "OnDomLoad" event